[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: swamp rat bots Q

On 12/4/2020 7:40 AM, Gene Heskett wrote:
On Friday 04 December 2020 01:03:34 Andy Smith wrote:


On Fri, Dec 04, 2020 at 12:03:57AM -0500, Gene Heskett wrote:
what file do I edit to add todays
/var/log/httpd/other_vhosts_access.log to its list of logs to
watch.  That's the log file with the real data in it today.  And
does it need enabled in another, different file.

Again we have been down this avenue before, but I will try one last

It seems quite likely that the bot you have a problem with has the
same user agent string, or a very small variation on the same
string. If so then you can block it just with Apache.

So, can you show us a few lines of logs from your
/var/log/httpd/other_vhosts_access.log of the accesses from the
offending bot(s)?

No.  Bad idea.

By publishing the name of the bot, it probably will be changed before the
day is done. Far better IMO to tell me what files I need to edit, and

We did that to no avail.

I drop the ball on this one.

John Doe

Reply to: